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REMARKS 

The latest OfTice Action, mailed August 12. 2004, considered and rejected claims 1-15, 
17-20, 22, 24 and 25 in view of LiVecchi and Srikantan.' 

By this paper, claims 1, 13 and 17 have been amended, claims 24-25 have been cancelled 
and claims 26-32 have been added.^ Accordingly, claims 1-15, 17-20, 22 and 26-32 remain 
pending, of which claims 1, 17 and 26 are the only independent claims that remain at issue. 

The present invention is directed primarily to methods and computer program products 
for reducing the impact of denial of service attacks, hi claims 1 and 17, the recited method 
includes establishing connection sockets for received connection requests, at least one of which 
is not placed in a backlog queue. For each connection request for wliich the server computer 
system cannot currently establish a connection socket, the connection request is placed in the 
backlog queue without then establishing a connection socket. Thereafter, upon determining that 
the backlog queue is being used, the method furtlier includes identifying and disconnecting any 
connection sockets that have no received request data, so as to reduce an impact of a denial of 
service attack, as described tliroughout Applicant's specification. 

To reduce the risk associated with closing a connection socket that has been established 
for Icgitunate reasons, as opposed to one that has been established in response to a malicious 
denial of sei-vicc attack, the recited methods can also include waiting a predetermined period of 
lime after determining that the backlog queue is being used. (Claims 15, 22, 27. 28). 



' Claiirs 1-4 6 8-9, 12-13. 16-19. 21 and 23 were rejected under 35 U.S.C. § 102(e) as beinR anHcioated bv 
L.Vecch,JJS.PatentNo. 6.427.161). Clain^sS.?. 10-11. 14-15. 20. 22 and 24-25 we^StedSJS^^^^^^ 
103(a as being unpatentable over LiVecchi in view of Srikaotan (U.S. PublicaUon No. 2m^29^L S^J, 

Sc heSS'JI Scll'"^ ^PP™P^*^«'^• ^•'O""! -i^- Accordingly, any arguments and J^ZLn^ 
imili, herein should not be constwed as acquiescing to any prior art status of the cited arL 

in?;SltttSSro ^^^^^^^^ """'"""'^ ^ ^--^-t the specification. 
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In the last amendments (B and C), Applicants have argued that the cited art fails to 
disclose or suggest any method that includes "identifying any connection sockets that have no 
received request data" or "disconnecting" these identified connection sockets and that the 
Examiner has failed to address these claims.^ However, the Examiner has not responded to these 
arguments, histcad, the Examiner merely cites passages (Col. 15, In. 67, col. 16, 11. 1-10 and 18^ 
67) which clearly do not teach or suggest either (a) identifying comieclion sockets that have no 
received request data, or (b) disconnecting said connection sockets. These passages, however do 
not teach anything related to identifying and disconnecting connection sockets tliat have no 
received request data, let alone the identification and disconnecting of connection sockets that 
arc detei-mined to be servicing a malicious connection request (claims 26. 30, 32). To the 
contrary, these passages teach about the transfer of connections from accepted connections 
queues to a ready queue of the collector socket 

The claim elements of identifying and disconnecting any connection sockets that have no 
received request data are important according to the present invention because they are part of 
the metliod for reducing the impact of a denial of service requests. However, notwithstanding 
this importance, the cited art not only fails to disclose or suggest these incited claim elements, 
tiiey fail to even address denial of service attacks. Instead. LiVecchi is directed more generally 
to thread scheduling techniques for multithreaded servers (Title) and Srikantan is directed more 
generally to methods for handling events received at a server socket (Title). 



or "Sm?" T""^ addressed whether a backlog queue includes connection request without regard for whether 
Lenl.^ '=°'^'=«ion requests include associated data. This language, however, has been deleted from the 

S i : ^^"^ itmerely discloses how long connections will be 

t!^nJ- u n f " "'•"^y l^»«=hing to the claimed identification and cancellation of socket 
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Applicants respectfully submit that the pending claims should now be allowed for at least 
Ihe forcgoijig reasons. The new claims, including independent claim 26 should also be allowed 
for at least the same reasons as they include language even more specifically directed to reducing 
the impact of denial of service attacks. 

In the event that the Examiner finds remaining impediment to a prompt allowance of this 
application that may be clarified through a telephone interview, the Examiner is requested to 
contact the undersigned attorney. 

Dated tliis W day of November 2004, 



Respectfully submitted. 




RICKD. NYDEGGER 
Registration No, 28,651 
JENS C. JENKINS 



Registration No, 44,803 
Attorneys for Applicant 



Customer No. 47973 
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